Visualize some kind of rolling sum?

Okay, let's say I'm getting sporadic deliveries of something, approximately every 2-3 hours but sometimes 2 in quick succession, sometimes none for 8 hours, etc. Each time a delivery is made, the amount delivered is put in a document in elasticsearch.

Is it possible to create a graph that shows, over time, the sum of the amount of stuff delivered in the 24 hours previous to each point on the graph?

Hi @cgmelastic!

What if you create a visualization where the x-axis is a date histogram aggregation on the time field, with a daily interval. Then, set the y-axis to the sum of a given field. Would that give you what you're looking for?

@alisongoryachev , to be completely transparent, I am not 100% sure what I'm looking for. I do actually already have a graph like you describe though:

image.png947×515 16.2 KB

But this shows me one datapoint per day, you can see it clearly when using a stepped line. What I want to see is not so much "sum per day", but a more granular view of how the sum over the past 24 hours changes throughout the day(s). I would like to be able to proactively identify periods of time like 2019-08-04 and 2019-08-05 (where sum dipped below 30) so I can take action. A graph with the current settings wouldn't show me a downward trend until that datapoint is registered on the graph for the day.

@cgmelastic ah ok, I'm following now. I think what you might be looking for then is the cumulative sum aggregation.

@alisongoryachev, I think this is closer to what I want. I definitely see a cumulative graph, but it's over all time, and just keeps increasing:

image.png1051×381 16.4 KB

What I want to see is, instead of all time, it being cumulative only over a shifting window of about 24 hours previous to each data point, so the line would probably go up to and then hover around 30, at least in a view showing the past few weeks. Is that possible?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.